readonly settings constraint from default profile can't be changed in other profiles #7275

Open
PhantomPhreak opened this issue Oct 11, 2019 · 2 comments
Labels
comp-rbac Access control related enhancement

PhantomPhreak commented Oct 11, 2019

As described in the documentation:

Note: the default profile has a special handling: all the constraints defined for the default profile become the default constraints, so they restrict all the users until they're overridden explicitly for these users.

So, I expect that I can set a readonly constraint for some setting in the default profile, then override it for some user through his profile.

Example config:

<yandex>
    <profiles>

        <default>
            <readonly>0</readonly>
            <max_memory_usage>10000000000</max_memory_usage>
            <constraints>
                <max_memory_usage>
                    <readonly/>
                </max_memory_usage>
            </constraints>
        </default>

        <developer>
            <readonly>2</readonly>
            <max_memory_usage>10000</max_memory_usage>
            <constraints>
                <max_memory_usage>
                    <max>9999999999999999</max>
                </max_memory_usage>
            </constraints>
        </developer>

    </profiles>
...
</yandex>

With this config I expect that I'll be able to change max_memory_usage for a user with the developer profile up to 9999999999999999, but when I try to do this, I receive the following error:

my_awesome_ch :) select * from system.settings where name='readonly'

SELECT *
FROM system.settings
WHERE name = 'readonly'

┌─name─────┬─value─┬─changed─┬─description───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│ readonly │ 2     │       1 │ "0 - everything is allowed. 1 - only read requests. 2 - only read requests, as well as changing settings, except for the 'readonly' setting." │
└──────────┴───────┴─────────┴───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘

1 rows in set. Elapsed: 0.004 sec. 

my_awesome_ch :) set max_memory_usage=99999999;

SET max_memory_usage = 99999999

Received exception from server (version 19.13.4):
Code: 452. DB::Exception: Received from localhost:9000. DB::Exception: Setting max_memory_usage should not be changed. 

0 rows in set. Elapsed: 0.001 sec. 

my_awesome_ch :) 

I'm running ClickHouse v19.13.4.32
Is it a bug or an inaccuracy in the documentation?

Thanks!

@PhantomPhreak PhantomPhreak added the bug Confirmed user-visible misbehaviour in official release label Oct 11, 2019
@filimonov
Contributor

That happens because the default profile is used as a 'base' for other profiles. And once the readonly constraint has been set, it can't be changed later.

Related code part:

Maybe we should introduce an option to reset the flag on later levels? Something like that:

<readonly>0</readonly>
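A configuration check for the behaviour described in this comment, as an added example (not ClickHouse code and not written by anyone in this thread): it flags min/max constraints in non-default profiles that cannot take effect because the default profile marks the same setting readonly. The sample XML is constructed from the config in the issue; the function names are hypothetical, and only direct children of `<profiles>` are examined (profile inheritance via `<profile>` is not followed).

```python
import xml.etree.ElementTree as ET

# Constructed sample: the profiles from the issue, trimmed to the relevant
# parts, plus one extra constraint (priority) that is not locked by default.
SAMPLE = """<yandex><profiles>
  <default>
    <max_memory_usage>10000000000</max_memory_usage>
    <constraints><max_memory_usage><readonly/></max_memory_usage></constraints>
  </default>
  <developer>
    <readonly>2</readonly>
    <constraints>
      <max_memory_usage><max>9999999999999999</max></max_memory_usage>
      <priority><min>1</min></priority>
    </constraints>
  </developer>
</profiles></yandex>"""

def constraints(profile):
    """Map setting name -> set of constraint kinds (readonly/min/max) in one profile."""
    node = profile.find("constraints") if profile is not None else None
    if node is None:
        return {}
    return {setting.tag: {kind.tag for kind in setting} for setting in node}

def shadowed_overrides(xml_text):
    """Return (profile, setting, kinds) for min/max constraints that a
    non-default profile sets on a setting the default profile marks readonly.
    Per the behaviour described in this thread, the readonly flag is inherited
    from the default profile and cannot be cleared, so such min/max values
    never make the setting changeable."""
    profiles = ET.fromstring(xml_text).find("profiles")
    locked = {name for name, kinds in constraints(profiles.find("default")).items()
              if "readonly" in kinds}
    findings = []
    for profile in profiles:
        if profile.tag == "default":
            continue
        for name, kinds in constraints(profile).items():
            bounds = kinds & {"min", "max"}
            if name in locked and bounds:
                findings.append((profile.tag, name, sorted(bounds)))
    return findings

if __name__ == "__main__":
    for prof, setting, kinds in shadowed_overrides(SAMPLE):
        print(f"{prof}: {setting} {kinds} has no effect; default marks it readonly")
```
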

@PhantomPhreak
Author

Aha, now it's clear, thank you.

Maybe we should introduce an option to reset the flag on later levels? Something like that:

It looks like a way to override a <readonly/> setting from the default profile. But what if I'd like to set some min/max values, not just make it changeable again? Like in my example, there is <readonly/> for max_memory_usage in the default profile, and <max>9999999999999999</max> in the developer profile.

At my glance, it would be better to set
<readonly>1</readonly> - set readonly constraint
<readonly>0</readonly> - remove readonly constraint, override settings from a default profile
<max>value</max> - override settings from a default profile, remove readonly flag
<min>value</min> - override settings from a default profile, remove readonly flag

How it may be useful: I'd like to set the readonly = 2 setting for some users, to allow them to create temporary tables, but I would also like to set constraints for some settings like max_memory_usage or priority (to control the user's impact/resource consumption). Since there may be a lot of profiles, I'd like to set readonly constraints for those settings only once in the default profile, and then override them for some specific profile, if needed.

Thank you a lot :)

@filimonov filimonov changed the title Constraints on Settings doesn't work as documented readonly settings constraint from default profile can't be changed in other profiles Oct 23, 2019
@filimonov filimonov added the comp-rbac Access control related label Apr 24, 2020
@alexey-milovidov alexey-milovidov added enhancement and removed bug Confirmed user-visible misbehaviour in official release labels Aug 11, 2022